# Copyright (c) 2022-2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved. # # See LICENSE for license information. # A workflow to trigger ci on hybrid infra (github + self hosted runner) name: Blossom-CI on: issue_comment: types: [created] workflow_dispatch: inputs: platform: description: 'runs-on argument' required: false args: description: 'argument' required: false jobs: Authorization: name: Authorization runs-on: blossom outputs: args: ${{ env.args }} # This job only runs for pull request comments if: | contains( 'ptrendx,ksivaman,', format('{0},', github.actor)) && github.event.comment.body == '/blossom-ci' steps: - name: Check if comment is issued by authorized person run: blossom-ci env: OPERATION: 'AUTH' REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} Vulnerability-scan: name: Vulnerability scan needs: [Authorization] runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v2 with: repository: ${{ fromJson(needs.Authorization.outputs.args).repo }} ref: ${{ fromJson(needs.Authorization.outputs.args).ref }} lfs: 'true' - name: Run blossom action uses: NVIDIA/blossom-action@main env: REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} with: args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }} args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }} args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }} Job-trigger: name: Start ci job needs: [Vulnerability-scan] runs-on: blossom steps: - name: Start ci job run: blossom-ci env: OPERATION: 'START-CI-JOB' CI_SERVER: ${{ secrets.CI_SERVER }} REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} Upload-Log: name: Upload log runs-on: blossom if : github.event_name == 'workflow_dispatch' steps: - name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here) run: blossom-ci env: OPERATION: 'POST-PROCESSING' CI_SERVER: ${{ secrets.CI_SERVER }} REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}